iptables rules processing speed depends on RAM, CPU or HDD the most?

postcd

postcd

Member
Registered
Joined
Jul 8, 2012
Messages
27
Points
8
Hello,

when one want to block lets say 100 000 entries in netfilter/iptables, i read somewhere that it can be problem regarding speed (slow).
I have not tried.

So i wanted to ask what is limiting factor for fast processing of the iptables rules in case blocklist is very long and if it can be somehow prevented. (example by using ramdisk or by doing work in RAM)

I read about ipset but had no opportunity and time to try it, in this case i am interested just in iptables without ipset.

Someone mentioned that restarting iptables with many rules can take minutes so here again interested to know how to dramatically reduce time while still having many iptables entries.
 
UnderHost

UnderHost

Member
Registered
Joined
Sep 5, 2016
Messages
42
Points
8
The main limits of iptables is your CPU that where the slowness will come from. If you have 100 000 entries, I would definitely go with ipset it's fairly easy to implement but it could also be the right time for you to switch to a hardware firewall.

If you are using a 64bits OS, I would not go past 50k entries.
 
You must log in or register to reply here.
Older Threads
EpicGlobalWeb
SSL Stripping
Replies
7
Views
6,658
EpicGlobalWeb
EpicGlobalWeb
Is CentOS Basically Server-Ready?
Replies
5
Views
4,881
Optimidia
CarpCharacin
Kimsufi alternatives
Replies
16
Views
14,035
Shorty
EditName
[Need] New Ways to do Hosting
Replies
8
Views
5,102
EpicGlobalWeb
EditName
Hello Peeps
Replies
12
Views
5,413
ulterios
Newer Threads
EpicGlobalWeb
ISP Bandwidth Limitations
Replies
2
Views
2,952
LJSHost
Nemanja
Is a Dedicated Server more secure than a VPS?
Replies
8
Views
6,236
Colombiawebs
Alex_smith
Litespeed host wanted
Replies
4
Views
4,276
HostXNow
mattnz
How to configure a Dedicated Server?
Replies
3
Views
3,631
LJSHost
jaseem.abdu
Error 404
Replies
7
Views
5,385
Philippe Gaucher
Latest Threads
Rameshsharama
What Defines Good Web Design in 2025?
Replies
0
Views
1
Rameshsharama
V
Russia Dedicated hosting | 2x960GB SSD | Vps9.net | @Just €50.99 /mo
Replies
0
Views
46
vps9networks
Rameshsharama
Exploring the Range of Digital Services We Work With
Replies
0
Views
261
Rameshsharama
J
A remote networking solution for chain supermarkets
Replies
0
Views
381
jtti
BlueLeaf
Shield Your Digital Castle: The Complete 2025 Guide to DDoS Protection and Firewall Configuration
Replies
0
Views
754
BlueLeaf
Recommended Threads
trustdnb
Have you ever hired a freelancer?
Replies
2
Views
2,752
MrT
Fusion Arc Hosting
Fusion Arc Hosting | $8.00 Per Year (Cpanel) | Free Website Builder!
Replies
0
Views
1,556
Fusion Arc Hosting
webdesign
  • Locked
Sold Short SMS site for sale
Replies
7
Views
8,096
Inquestor
Ron Killian
WMS made me
2
Replies
22
Views
11,699
Ron Killian
Crowd_Town
What is your recommendation about tweet image ratio?
Replies
3
Views
3,201
Ron Killian
Similar Threads
Gmeister4
How to disable or enable iptables in Linux?
Replies
5
Views
3,537
Chris Worner
Mujkanovic
Should I disable Linux iptables permanently?
Replies
16
Views
7,840
Mujkanovic
valvps
Iptables Problem
Replies
3
Views
2,744
v.shipunov
Gmeister4
Open all ports iptables?
Replies
16
Views
7,510
bountysite
Mujkanovic
How to uninstall iptables from the server?
Replies
5
Views
10,168
serviceprovider

Latest postsNew threads

Latest Hosting OffersNew Reviews

Popular Contributors - Past 30 Days

Sponsors

Tag Cloud

You are using an out of date browser. It may not display this or other websites correctly.
You should upgrade or use an alternative browser.
  • cpanel
  • dedicated
  • free
  • hello
  • hosting
  • hosting services
  • marketing
  • offers
  • seo
  • server
  • services
  • vps
  • web
  • web hosting
  • website
  • wordpress
    • Top